using System.Security.Cryptography.X509Certificates;
using Admin2025.Application.common;
using Admin2025.Application.Dtos;
using Admin2025.Domain.Entities.App;
using Admin2025.Domain.Repository;

namespace Admin2025.Application.Services;

public class AppRoleService : IAppRoleService
{
    private readonly IRepository<AppRole> _roleRepo;
    private readonly IRepository<AppPermission> _permissionRepo;
    public AppRoleService(IRepository<AppRole> roleRepo, IRepository<AppPermission> permissionRepo)
    {
        _roleRepo = roleRepo;
        _permissionRepo = permissionRepo;
    }
    public async Task<dynamic> GetAllRoleAsync()
    {
         var list = await _roleRepo.GetAllAsync();
            return list.Select(user => new RoleDto
            {
                Id = user.Id,
                RoleName=user.RoleName
            });
    }

    public async Task<dynamic> CreateRoleAsync(CreateRoleDto createRoleDto)
    {
        var isExists = _roleRepo.Table.Where(x => x.RoleName == createRoleDto.RoleName).Any();
        if (isExists)
        {
            return ApiResult.Fail(3002, "已经存在同名的角色，请重新确认");
        }
        var role = new AppRole { RoleName = createRoleDto.RoleName, DataScope = createRoleDto.DataScope };
        await _roleRepo.CreateAsync(role);
        return ApiResult.Success(role, "创建角色成功");
    }
    public async Task<dynamic> DeleteRoleAsync(Guid roleId)
    {
        var role = await _roleRepo.GetByIdAsync(roleId);
        if (role == null)
        {
            return ApiResult.Fail(4004, "要删除的角色不存在，请重新确认");
        }
        if (role.IsDeleted)
        {
            return ApiResult.Fail(4001, "要删除的角色已经删除，请重新确认");
        }
        role.IsDeleted = true;
        await _roleRepo.UpdateAsync(role);
        return ApiResult.Success(role, "删除成功");
    }
    public async Task<dynamic> UpdateRoleAsync(Guid roleId, UpdateRoleDto updateRoleDto)
    {
        var role = await _roleRepo.GetByIdAsync(roleId);
        if (role == null)
        {
            return ApiResult.Fail(4004, "要删除的角色不存在，请重新确认");
        }
        if (role.IsDeleted)
        {
            return ApiResult.Fail(4001, "要删除的角色已经删除，请重新确认");
        }
        if (role.IsActive == false)
        {
            return ApiResult.Fail(4001, "未启用，请重新确认");
        }
        role.RoleName = updateRoleDto.RoleName;
        role.DataScope = updateRoleDto.DataScope;
        await _roleRepo.UpdateAsync(role);
        return ApiResult.Success(role, "更新成功");
    }
    public async Task<dynamic> EnableRole(Guid roleId)
    {
        var role = await _roleRepo.GetByIdAsync(roleId);
        if (role == null)
        {
            return ApiResult.Fail(4004, "要启用的角色不存在，请重新确认");
        }
        if (role.IsDeleted)
        {
            return ApiResult.Fail(4001, "要启用的角色已经删除，请重新确认");
        }
        if (role.IsActive)
        {
            return ApiResult.Fail(4001, "已经启用，无需重复启用，请重新确认");
        }
        role.IsActive = true;
        await _roleRepo.UpdateAsync(role);
        return ApiResult.Success(role, "启用成功");
    }
    public async Task<dynamic> DisableRole(Guid roleId)
    {
        var role = await _roleRepo.GetByIdAsync(roleId);
        if (role == null)
        {
            return ApiResult.Fail(4004, "要禁用的角色不存在，请重新确认");
        }
        if (role.IsDeleted)
        {
            return ApiResult.Fail(4001, "要禁用的角色已经删除，请重新确认");
        }
        if (role.IsActive == false)
        {
            return ApiResult.Fail(4001, "已经禁用，无需重复禁用，请重新确认");
        }
        role.IsActive = false;
        await _roleRepo.UpdateAsync(role);
        return ApiResult.Success(role, "禁用成功");
    }
    public async Task<dynamic> AssignPermission(Guid roleId, string permissionCode)
    {
        var role = await _roleRepo.GetByIdAsync(roleId);
        if (role == null)
        {
            return ApiResult.Fail(4004, "要禁用的角色不存在，请重新确认");
        }
        if (role.IsDeleted)
        {
            return ApiResult.Fail(4001, "要禁用的角色已经删除，请重新确认");
        }
        if (role.IsActive == false)
        {
            return ApiResult.Fail(4001, "已经禁用，无需重复禁用，请重新确认");
        }
        var permission = _permissionRepo.Table.FirstOrDefault(x => x.Code == permissionCode);
        if (permission == null)
        {
            return ApiResult.Fail(4004, "权限不存在");
        }
        if (permission.IsDeleted)
        {
            return ApiResult.Fail(4004, "权限已被删除");
        }
        if (!permission.IsActive)
        {
            return ApiResult.Fail(4004, "权限未启用");
        }
        role.AssignPermission(permission);
        await _roleRepo.UpdateAsync(role);
        return ApiResult.Success(role, "分配权限成功");

    }
    public Task<dynamic> RemovePermission(Guid roleId, string permissionCOde)
    {
        return RemovePermissionInternal(roleId, permissionCOde);
    }
    private async Task<dynamic> RemovePermissionInternal(Guid roleId, string permissionCode)
    {
        var role = await _roleRepo.GetByIdAsync(roleId);
        if (role == null)
        {
            return ApiResult.Fail(4004, "要操作的角色不存在，请确认后重试");
        }
        if (role.IsDeleted)
        {
            return ApiResult.Fail(4004, "角色已被删除");
        }
        if (!role.IsActive)
        {
            return ApiResult.Fail(4004, "角色未启用");
        }
        var permission = _permissionRepo.Table.FirstOrDefault(x => x.Code == permissionCode);
        if (permission == null)
        {
            return ApiResult.Fail(4004, "权限不存在");
        }
        if (permission.IsDeleted)
        {
            return ApiResult.Fail(4004, "权限已被删除");
        }
        if (!permission.IsActive)
        {
            return ApiResult.Fail(4004, "权限未启用");
        }
        //检查是否已分配该权限
        if (!role.Permissions.Contains(permission))
        {
            return ApiResult.Fail(4002, "该角色未分配此权限，无需移除");
        }
        role.RemovePermission(permission);
        await _roleRepo.UpdateAsync(role);
        return ApiResult.Success(role, "移除权限成功");
    }
}